Prepare the afs acl module for the api change in get_nt_acl().

author Michael Adam <obnox@samba.org>

Tue, 4 Dec 2007 08:45:14 +0000 (09:45 +0100)

committer Michael Adam <obnox@samba.org>

Wed, 19 Dec 2007 22:08:00 +0000 (23:08 +0100)
author Michael Adam <obnox@samba.org>
Tue, 4 Dec 2007 08:45:14 +0000 (09:45 +0100)
committer Michael Adam <obnox@samba.org>
Wed, 19 Dec 2007 22:08:00 +0000 (23:08 +0100)
diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c

index a923ce188ffb75ccdbf9f2677f5d2ab793ad45ff..9dd4d7ec93199a59490ea88dd32e7551d96f0106 100644 (file)
--- a/source3/modules/vfs_afsacl.c
+++ b/source3/modules/vfs_afsacl.c
@@ -585,15 +585,14 @@ static uint32 nt_to_afs_file_rights(const char *filename, const SEC_ACE *ace)
         return result;
  }
  
-static size_t afs_to_nt_acl(struct afs_acl *afs_acl, 
-                           struct files_struct *fsp,
-                           uint32 security_info,
-                           struct security_descriptor **ppdesc)
+static size_t afs_to_nt_acl_common(struct afs_acl *afs_acl,
+                                  SMB_STRUCT_STAT *psbuf,
+                                  uint32 security_info,
+                                  struct security_descriptor **ppdesc)
  {
         SEC_ACE *nt_ace_list;
         DOM_SID owner_sid, group_sid;
         SEC_ACCESS mask;
-       SMB_STRUCT_STAT sbuf;
         SEC_ACL *psa = NULL;
         int good_aces;
         size_t sd_size;
@@ -601,19 +600,8 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
  
         struct afs_ace *afs_ace;
  
-       if (fsp->is_directory || fsp->fh->fd == -1) {
-               /* Get the stat struct for the owner info. */
-               if(SMB_VFS_STAT(fsp->conn,fsp->fsp_name, &sbuf) != 0) {
-                       return 0;
-               }
-       } else {
-               if(SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) != 0) {
-                       return 0;
-               }
-       }
-
-       uid_to_sid(&owner_sid, sbuf.st_uid);
-       gid_to_sid(&group_sid, sbuf.st_gid);
+       uid_to_sid(&owner_sid, psbuf->st_uid);
+       gid_to_sid(&group_sid, psbuf->st_gid);
  
         if (afs_acl->num_aces) {
                 nt_ace_list = TALLOC_ARRAY(mem_ctx, SEC_ACE, afs_acl->num_aces);
@@ -639,7 +627,7 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
                         continue;
                 }
  
-               if (fsp->is_directory)
+               if (S_ISDIR(psbuf->st_mode))
                         afs_to_nt_dir_rights(afs_ace->rights, &nt_rights,
                                              &flag);
                 else
@@ -656,7 +644,6 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
         if (psa == NULL)
                 return 0;
  
-       
         *ppdesc = make_sec_desc(mem_ctx, SEC_DESC_REVISION,
                                 SEC_DESC_SELF_RELATIVE,
                                 (security_info & OWNER_SECURITY_INFORMATION)
@@ -668,6 +655,42 @@ static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
         return sd_size;
  }
  
+static size_t afs_to_nt_acl(struct afs_acl *afs_acl,
+                           struct connection_struct *conn,
+                           const char *name,
+                           uint32 security_info,
+                           struct security_descriptor **ppdesc)
+{
+       SMB_STRUCT_STAT sbuf;
+
+       /* Get the stat struct for the owner info. */
+       if(SMB_VFS_STAT(conn, name, &sbuf) != 0) {
+               return 0;
+       }
+
+       return afs_to_nt_acl_common(afs_acl, &sbuf, security_info, ppdesc);
+}
+
+static size_t afs_fto_nt_acl(struct afs_acl *afs_acl,
+                            struct files_struct *fsp,
+                            uint32 security_info,
+                            struct security_descriptor **ppdesc)
+{
+       SMB_STRUCT_STAT sbuf;
+
+       if (fsp->is_directory || fsp->fh->fd == -1) {
+               /* Get the stat struct for the owner info. */
+               return afs_to_nt_acl(afs_acl, fsp->conn, fsp->fsp_name,
+                                    security_info, ppdesc);
+       }
+
+       if(SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) != 0) {
+               return 0;
+       }
+
+       return afs_to_nt_acl_common(afs_acl, &sbuf, security_info, ppdesc);
+}
+
  static bool mappable_sid(const DOM_SID *sid)
  {
         DOM_SID domain_sid;
@@ -830,27 +853,6 @@ static bool afs_get_afs_acl(char *filename, struct afs_acl *acl)
         return True;
  }
  
-static NTSTATUS afs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
-                              struct security_descriptor **ppdesc)
-{
-       struct afs_acl acl;
-       size_t sd_size;
-
-       DEBUG(5, ("afs_get_nt_acl: %s\n", fsp->fsp_name));
-
-       sidpts = lp_parm_bool(SNUM(fsp->conn), "afsacl", "sidpts", False);
-
-       if (!afs_get_afs_acl(fsp->fsp_name, &acl)) {
-               return NT_STATUS_ACCESS_DENIED;
-       }
-
-       sd_size = afs_to_nt_acl(&acl, fsp, security_info, ppdesc);
-
-       free_afs_acl(&acl);
-
-       return (sd_size != 0) ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
-}
-
  /* For setting an AFS ACL we have to take care of the ACEs we could
   * not properly map to SIDs. Merge all of them into the new ACL. */
  
@@ -994,14 +996,46 @@ static NTSTATUS afsacl_fget_nt_acl(struct vfs_handle_struct *handle,
                                    int fd,  uint32 security_info,
                                    struct security_descriptor **ppdesc)
  {
-       return afs_get_nt_acl(fsp, security_info, ppdesc);
+       struct afs_acl acl;
+       size_t sd_size;
+
+       DEBUG(5, ("afsacl_fget_nt_acl: %s\n", fsp->fsp_name));
+
+       sidpts = lp_parm_bool(SNUM(fsp->conn), "afsacl", "sidpts", False);
+
+       if (!afs_get_afs_acl(fsp->fsp_name, &acl)) {
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
+       sd_size = afs_fto_nt_acl(&acl, fsp, security_info, ppdesc);
+
+       free_afs_acl(&acl);
+
+       return (sd_size != 0) ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
  }
+
  static NTSTATUS afsacl_get_nt_acl(struct vfs_handle_struct *handle,
                                   struct files_struct *fsp,
                                   const char *name,  uint32 security_info,
                                   struct security_descriptor **ppdesc)
  {
-       return afs_get_nt_acl(fsp, security_info, ppdesc);
+       struct afs_acl acl;
+       size_t sd_size;
+
+       DEBUG(5, ("afsacl_get_nt_acl: %s\n", name));
+
+       sidpts = lp_parm_bool(SNUM(handle->conn), "afsacl", "sidpts", False);
+
+       if (!afs_get_afs_acl(name, &acl)) {
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
+       sd_size = afs_to_nt_acl(&acl, handle->conn, name, security_info,
+                               ppdesc);
+
+       free_afs_acl(&acl);
+
+       return (sd_size != 0) ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
  }
  
  NTSTATUS afsacl_fset_nt_acl(vfs_handle_struct *handle,
author	Michael Adam <obnox@samba.org>
	Tue, 4 Dec 2007 08:45:14 +0000 (09:45 +0100)
committer	Michael Adam <obnox@samba.org>
	Wed, 19 Dec 2007 22:08:00 +0000 (23:08 +0100)